Wednesday, October 29, 2014

Major Cyber Attack Will Cause Significant Loss of Life By 2025, Experts Predict - Defense One

Everybody get your tin foil hats ready!
Tin foil hat 2
(Photo credit: Wikipedia)

Major Cyber Attack Will Cause Significant Loss of Life By 2025, Experts Predict - Defense One

Somehow I get the feeling that no matter how many dire predictions of an inevitable large scale cyber attack are made, there will still be a lot of folks completely caught by surprise.

Monday, October 27, 2014

Dude, where's my A record?

I ran into something a bit odd today while setting up a couple of new CentOS 6.5 virtual machines.  The VM's were both set to receive IP addresses via Windows DHCP, which was working except for one small bit.  That particular DHCP scope is set to dynamically create both forward (A) and reverse (PTR) records when a lease is obtained.  Oddly, this was not happening.  Being a Linux admin, I immediately thought, "must be Windows!"

After digging into the Windows side of the house, I was left scratching my head.  All of the settings for both DHCP and DNS were as they should be.  I set up a packet capture and sent a few DHCP requests from the VM's which revealed the issue.  The default behavior for dhclient in CentOS now is to not pass the hostname in the request.  Adding one simple parameter in the /etc/sysconfig/network-scripts/ifcfg-eth0 file solved everything.  If you run into this issue, simply add the following to the file for the affected interface:
DHCP_HOSTNAME=`hostname -s`
 By including this line, you are telling dhclient to pass the hostname to the DHCP server in the request.  

Sunday, October 26, 2014

SplunkLive: Reflections from Nashville


SplunkLive recently came to Nashville, Tennessee for the first time.  Although it was somewhat of a strain to make it due to the current load at work, I was determined not to miss it.  Coming away from the day long event, I was stoked from the info presented as well as from meeting and talking with other Splunk users.  If you use Splunk, or are just considering doing so, you should definitely make it to SplunkLive if it comes your way.

I know a lot of folks may look at such an event as a day long sales pitch, but this was not the case.  Granted, Splunk sales is there should you want more info, but the whole point of SplunkLive is getting current Splunk users more bang for the buck.  Multiple breakouts are held covering different topics aimed at different users of varying experience, but all have one thing in common - making Splunk do amazing things that you never thought possible.

If you are scratching your head wondering what Splunk is, let me sum it up this way.  If you ever have the need for pulling a needle out of a haystack of logs (or any kind of machine data for that matter), you seriously need to check out Splunk.  You can even run it for free, indexing up to 500MB of data per day.

Back to SplunkLive - as I said before, if it comes to your town, GO!  You will get a lot of great info and best of all, it's free!

Friday, October 24, 2014

Ubuntu 14.10 - Much ado about nothing?

I really hate to pile on to all of the lukewarm reviews for Ubuntu 14.10 (Utopic Unicorn), but I'm going to anyway.  There has been a lot of buzz about this release, being that it is the 10th anniversary of the distributions initial release.  Unfortunately it's more of a maintenance release than anything.  While stability and security updates are a good thing, I guess we just all expected something flashy or innovative with this release.  As always, update servers are slammed, so I wouldn't worry too much if you aren't one of the first ones to upgrade.  You're not missing much.

Wednesday, October 22, 2014

When MySQL joins become disjointed

I honestly don't know how I've managed to avoid this until now, but I ran into an issue today where I could not get a SQL query with a join to execute properly.  I kept getting errors saying that I had referenced an unknown column.  After rewriting the query several times and questioning my sanity, I decided to do a quick search online.  Much to my surprise, I quickly found the answer.  The way joins are handled changed ever so slightly in MySQL 5.0, such that they are now more closely aligned with ANSI SQL standards.  By tweaking the query and adding parentheses in the from clause, all worked perfectly.

Many thanks to jbrinkmann for his excellent article on the subject at MySQLjoin.com.

Tuesday, October 21, 2014

The Benevolence of Microsoft

I really must hand it to Microsoft.  For all of the bad publicity and general ill will that a lot of people harbor toward them, they still want to help the little guy out - even when that little guy is running Linux.

(Just for clarification, this does not involve the real Microsoft.)

A few minutes ago I received a call to my cell phone from a rather nice, if somewhat hard to understand, gentleman who informed me that Microsoft had received highly unusual traffic from my computer.

 "How did they get my number," I thought to myself.  "Must be some lucrative agreement with the NSA."

Directing my attention back to the kind soul on the other end of the line, no doubt a descendant of those long oppressed by the British Empire in their search for the perfect curry blend, I asked for more information.  He went on to say that the insidious network traffic was being sent as we spoke.

Monday, October 20, 2014

Who let the dogs out?

Here we go again - yet another "major" security vulnerability.  This time it is SSL 3.0 (why is anyone even using this anymore?) that has fallen victim.  Read more about the POODLE exploit at US-CERT.

Edit: The plot thickens!  This might be a good thing...

After reading a bit more on the subject, I realized that there might be a silver lining to this dark dog-shaped cloud after all.  All modern browsers support TLS and only fall back to SSL as a failsafe, so disabling SSL should not present an issue.  Notice that I said modern.  How many web developers out there consider IE6 and its nearly fossilized users to be thorn in their side?  Yes, there are some entities that insist on maintaining compatibility with this dinosaur of a browser.  Guess what IE6 does not support?  You guessed it... TLS!  What better reason to justify discontinuing support for IE6?

Dilbert.com
sed 's/WINDOWS XP/INTERNET EXPLORER 6/'

Wednesday, October 1, 2014

Are you patched?

I'm sure by now you've heard of the Bash vulnerability Shellshock.  Not going to beat a dead horse, but if you haven't patched yet, stop reading this and do it now!  After you're done, check out shellshocker.net and see if you're still vulnerable.